maildown
maildown copied to clipboard
Using roles for IAM authentication
I am running the maildown command line on a ec2 instance with an attached role. This means I don't have any AWS_ACCESS_KEY_ID
or AWS_SECRET_ACCESS_KEY
variables set, neither do I have a .aws/credentials
file. Rather, the role attached to the instance has appropriate SES policies set.
Maildown doesn't seem to fully handle this. This is easier to explain by examples:
The verify command works. Indeed I can see a verification has been registered in the us-east-1 region, so it's definitely picked up the credentials from the attached role:
# maildown verify [email protected]
Email sent to [email protected]. You must click the link in this email to verify ownership before you can send any emails
However, my SES configuration is all in eu-west-1, so having the verification in us-east-1 is no good to me. I tried setting $AWS_DEFAULT_REGION
and $AWS_REGION
accordingly and running the command again but that makes no difference - verifications are still created in us-east-1
So I tried using the init
command to fix the region, but init doesn't seem happy at all that I don't have local credentials:
# maildown init
[KeyError]
'Cannot find expected keys in config file stored at /root/.aws/credentials'
And trying to set the region at init time doesn't help:
# maildown init --backend aws region=eu-west-1
[TypeError]
login() got an unexpected keyword argument 'region'
I'm not sure how to proceed from here?